<?php

/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/


use nimo\domains\car_balance\Model\CarMaker;

App::before(function($request)
{
    /*  auth will check login status
    // Check if the user is logged in
    if ( strpos(Request::url(), 'car_balance') !== false && ! Sentry::check())
    {
        // Store the current uri in the session
        Session::put('loginRedirect', Request::url());

        // Redirect to the login page
        return Redirect::route('signin');
    }
    */
});

App::after(function($request, $response)
{
	//
});

/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/

Route::filter('auth', function()
{
	// Check if the user is logged in
	if ( ! Sentry::check())
	{
		if (Request::ajax()) {
			return Response::json(array('status' => 'error', 'messages'=>'Please login or reload page.'));
		}
		
		// Store the current uri in the session
		Session::put('loginRedirect', Request::url());

		// Redirect to the login page
		return Redirect::route('signin');
	}
});
Route::filter('car_users', function()
{
	// Check if the user is car balance users
	if ( ! Sentry::getUser()->hasAnyAccess(array('admin', 'operator', 'customer')))
	{
		// abort opertion
		App::abort(403, 'Opertion is not allowed');
	}
	if (Config::get('app.debug')) {
		Debugbar::info('Car user allowed', 'car');
	}
});
Route::filter('backoffice_users', function()
{
	// Check if the user is car balance users
	if ( ! Sentry::getUser()->hasAnyAccess(array('admin', 'operator')) )
	{
		// abort opertion
		App::abort(403, 'Opertion is not allowed');
	}
	if (Config::get('app.debug')) {
		Debugbar::info('Car backoffice opertion allowed', 'car');
	}
});
Route::filter('manager_users', function()
{
	// Check if the user is car balance users
	if ( ! Sentry::getUser()->hasAnyAccess(array('admin')))
	{
		// abort opertion
		App::abort(403, 'Opertion is not allowed');
	}
	if (Config::get('app.debug')) {
		Debugbar::info('Car manager operation allowed', 'car');
	}
});


Route::filter('auth.basic', function()
{
	return Auth::basic();
});

/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/

Route::filter('guest', function()
{
	if (Auth::check()) return Redirect::to('/');
});

/*
|--------------------------------------------------------------------------
| Admin authentication filter.
|--------------------------------------------------------------------------
|
| This filter does the same as the 'auth' filter but it checks if the user
| has 'admin' privileges.
|
*/

Route::filter('admin-auth', function()
{
	// Check if the user is logged in
	if ( ! Sentry::check())
	{
		// Store the current uri in the session
		Session::put('loginRedirect', Request::url());

		// Redirect to the login page
		return Redirect::route('signin');
	}

	// Check if the user has access to the admin page
	if ( ! Sentry::getUser()->hasAccess('admin'))
	{
		// Show the insufficient permissions page
		return App::abort(403);
	}
});

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/

Route::filter('csrf', function()
{
	if (Session::token() != Input::get('_token'))
	{
		throw new Illuminate\Session\TokenMismatchException;
	}
});
